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(54) TCP admission control 

(57) Congestion at a network node can be aggra- 
vated by having too many TCP connections. A method 
of avoiding the bad effects of too many TCP connec- 
tions is to limit the number of connections. Limiting the 
number of connections is achieved by an admission 
control (1 0) which delays or even discards the connec- 



tion set-up packets. TCP traffic flows are monitored to 
generate packet loss characteristics and when a certain 
condition is met, a connection request queue is disa- 
bled. 
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Description 

Field of the Invention 

[0001] The invention - elates generally to traffic con- 
gestion management of a data network. In particuiar, it 
is directed to a technique by which congestion in the 
data network ss controlled by limiting new TCP connec- 
tion setups based on packet loss characteristics of the 
data network. 

Background of the Invention 

[0002] Tb# curr€tfit data network are handling not 
only enormous wo*t*nc of traffic but mere and vnore 
diver sif ted muffo mstSia traffic, causing the data network 
to become cer*g«*st<$d more often. When congestion 
causes an excess^ r^^rr^sr of packets to be droppi*d : 
it can eas^y impact .Twiny traffic ftow^ and cause rrany 
timeouts Sy ©uara<rti<&e«n§ a certain number of traffic 
flows a rrurirnum ban&Mdth arad treating thfs remair<tor 
as best effort, it is possible to avoid spreading high 
packet logs o*®r so many flows and to reduce the 
number of aborted flows Pending U. S. ■ Patent Applica- 
tion Serial n<m 08/772.256 Wed on Dec. :?3, 1996 ■tincf 
08/818.612 Wed on Mar. t-4. 1997 by the present inven- 
tors describe dynamic tragic conditioning lac'hnkiuas 
which make use of this concept. The dynamic traffic 
condrtionirig techniques described therein allow the net- 
work to discover the nature of the service for each traffic 
flow, classify it dynamically, and exercise traffic condi- 
tioning by means of such techniques as admission con- 
trol and schedulirtg when delivering the traffic 
downstream to support the service appropriately. 
[0003] Congestion at a network node can be aggra- 
vated by having too many TCP connections. TCP mil 
adjust to try to share beraJwidtfr among all connections 
but when the available buffer space is insufficient, time- 
outs will occur and as the congestion increases there 
will be an exponentially growing number of packets* 
resent. The effect of having too many connections is 
that much of the bandwidth in the upstream network is 
wasted carrying packets that will be discarded at the 
congested node because there is not enough buffer 
there. 

[0004] A simple method of avoiding the bed effect of 
too many TCP connections is to limit the number of con- 
nections or to discard one or more packets from ore or 
more existing connections. Limiting the number of con- 
nections is achieved by an admission control which 
delays or even discards the connection set-up packets. 
In the case of discarding packets, which packets and 
from which connection to discard packets are decided 
by preset algorithms cr policies. By invoking this cortfroi 
to limit the number of connections, each packs! is 
inspected to see rf il is a connection set up packet, e.s„ 
TCP SYN packet. This control packet is used to initiate 
a TCP connection and no 'traffic can x\om u;#I it is 
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75 



?.Q 



acknowledged by the other end of the proposed con- 
nection. 

Summary of the Invention 

[0005] It is an object of the invention to obviate disad- 
vantages of the known methods. 
[0006] ft is a further object of the invention to provide 
a method of managing a data network for congestion. 
[0007] It is a further object of the invention to provide 
a method of continuously monitoring the TCP traffic 
flows for congestion in a data network. 
[0008] It is another object of the invention to provide a 
method of managing the data network by performing 
admission control for TCP traffic. 
[0009] It is yet another object of the invention to pro- 
vide a method of managing the data network by exercis- 
ing the connection admission control for a new TCP 
connection request based on the packet loss character- 
istic. • 
[001 0] Briefly stated, the invention resides in a packet 
data network for multimedia traffic having one or more 
nodes in which network one or more packets sr© dis- 
carded to control congestion. According to one aspect, 
3 method of performing admission control to connection 
oriented traffic flows comprises steps of monitoring 
packets of all the traffic flows, deriving a packet loss 
characteristic of the traffic flows and disabling the serv- 
ing of a new connection request when the pack€4 loss 
characteristic matches a predefined pattern. 
[0011] In another aspect, a method of performing 
admission control to TCP traffic flows comprises steps 
of storing all TCP connection setup packets- in a con- 
nection request queue, monitoring packets of all active 
TCP traffic flows according to their port numbers and 
sequence numbers, and recording the count of either 
resent or discarded packets for any TCP traffic flows. 
The method further includes steps of building a history 
table containing the history of the sequence numbers, 
port numbers, and the count of either resent or dis- 
carded packets, computing a packet loss characteristic 
using the contents of the history tabfe, and deciding 
enabling or disabling the connection request queue 
based on the packet loss characteristic with respect to a 
predefined pattern. 

[0012] In a further aspect, the invention is directed to 
a TCP admission controf apparatus for controlling con- 
gestion of a data network. The apparatus comprises a 
TCP output buffer for buffering and inspecting all the 
TCP packets of an incoming traffic flow, and a connec- 
tion request queue for storing new connection requests. 
The apparatus further includes a history table for storing 
traffic information with respect to the TCP packets 
inspected above to derive a packet loss characteristic. 
£nd a queue controller for enabling or disabling the con- 
nection request queue upon detecting the matching of 
the packet loss characteristic with a predefined 'pattern. 
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Brief Description of Pragmas 
[0013] 

Figure 1 is a schematic diagram of the admission 
controi according to an embodiment of the Inven- 
tion. 

Figures 2a and 2b are a flow chart for the case 
where TCP admission control is applied in a traffic 
link. 

Figure 3 illustrates the relationship of admission 
controi with the traffic conditioner. 

Figures 4a and 4b are a flow chart for the case 
where TCP admission control is applied in a router. 

Figures 5 and 6 shor*- possible locations of admis- 
sion controi of the invention. 

Detailed Des cription of the Preferred Embodiments 
of the Invention 

[0014] Referring to Figure 1, the TCP admission con- 
trol apparatus 10. according to one embodiment of the 
invention, includes a connection request queue 12. It is 
located at or near the output buffer 14 of a node of a 
data network. It should be noted thai an admission con- 
trol apparatus can be a separate device or can be made 
integral with or to reside in any node or link equipment. 
It should also be understood that TCP traffic flows as a 
whole can be processed by arc apparatus or separate 
apparatus can be provided for each traffic flow or a 
group of traffic flows in one class. Every packet of an 
input stream is inspected and TCP packets are identi- 
fied at the output buffer 1 using, for example, source and 
destination IP addresses, source and destination port 
numbers and protocol. All new connection requests are 
read at a connection reader 16 and are stored at the 
connection request queue 12. The connection request 
queue 12 is a FIFO If admission control is not invoked 
then the new connection requests will be served imme- 
diately by enabling the connection request queue. If 
admission control is switched on then they will be 
delayed. 

[001 5] The admission control detects the packets that 
are being discarded and looks for multiple successive 
packets from the same flow or multiple instances of the 
same packet, the latter being the result of packet 
resends due to packet loss or discard. The admission 
control derives some pattern of packet discards by 
using a discard measure. For convenience, this meas- 
ure is called packet ioss characteristic in this specifica- 
tion. It is possrble that other parameters can be used to 
indicate the state of congestion in a data network. If cer- 
tain criteria are met or the packet ioss characteristic 
matches a predefined pattern, admission control is 
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invoked and any new connection requests (connection 
set-up packets) will be delayed by disabling the connec- 
tion request queue or packets belonging to one or more 
existing connections will be discarded until the problem 

5 clears, tf a connection set-up packet is delayed too long 
(e.g., one second),- it will be discarded from the queue. 
[001 6] When the packet loss characteristic shows that 
nsw connections can be accepted the servicing of the 
connection request queue is enabled. Waiting connec- 

w tion requests can be served immediately or can be 
released at a controlled pace according to a predefined 
algorithm. 

[0017] The admission control apparatus therefore 
includes a small history table 18 and information about 

75 discarded packets is entered into it. When a packet is 
discarded, the flow identity (source and destination IP 
plus TCP socket nurrtoer) is extracted and compared 
with current stable entries. If the flow already has an 
entry then the history is updated. If the flow does not 

20 have an entry and there is room for a new entry, the new 
entry is made. If there is no room for a new entry the 
information is discarded. 

[0018] The admission control can be performed on a 
traffic link or at a router. 
25 [0019] Inihe case where the admission corrtrol.is per- 
formed on the traffic link, the history table contains, for 



each active flow (or as many flows as can be handled), ^ 

the following entries: ^ 

[0020] The first entry is a count of resent packets for v ^ 

30 that flow (Total Packet Resent). ? ^ 
[0021 ] The second entry is a count of how many times 
the currently recorded packet (that is the currently 

stored sequence number) has been resent (Same 3 

Packet Resent). i 

'j5 [0022] The third entry is the time that the most recent 1 

update was made for that flow. After some period of ; *2 



inactivity the flow is taken out of the table. 
[0023] This information is used to look for patterns of 
discard that indicate congestion problems. It is 
40 assumed that if the sequence number on an arriving 
packet is tower than or equal to the stored value, then it 
must be a resend. The total number of resends as a 
fraction of the total number of packets is a measure of 
downstream congestion. In this embocSment this meas- 
45 ure is used as the packet loss characteristic. 

[0024] Seeing the same packet resent multiple times 
will suggest that the connection is experiencing time-out 
or at least a very high loss rate. It is not usual for a 
packet to be discarded multiple times. Normally the 
so TCP protocol will adjust its window to fit the available 
bandwidth and will only lose one packet before reducing 
that window. Although TCP relies on packet loss to con- 
stantly test for available bandwidth, a packet that is dis- 
carded once will almost certainly be forwarded when it 
55 is retransmitted. Multiple instances of the same packet 
will suggest that the TCP source is experiencing time- 
out. ".: :::*! ; ■: ,'• ' • 
[0025] There will be many variations on what irrforma 
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tion is stored and what algorithm is used to assess 
whether new connections should be enabled. 
[0026] It is not necessary to keep information on all 
flows since a sampled history is sufficient tc detesct 
problem conditions, - s 

[0027] Entries in the history table arc removed after s 
period of time. Also, whenever admission control is 
invoked, the history table is cleaned out and starts frssh 
to get a good picture of the new loss characteristic. The 
history table would be purged, in any case, at rscsular io 
intervals to keep the history reflecting current loss char- 
acteristics. The interval would be configurate depend- 
ing on line rates and expected number of flows, etc. 
[0028] Figures 2a and 2b are a f !cw chart for the case 
where TCP admission control is applied in a traffic Sink is 
rather than in a router. 

[0029] As mentioned earlier, the applicant's pending 
applications describe traffic conditioners and Figure 3 
shows one of such conditioners. In the Figure, a traffic 
conditioner 40 includes a plurality of queues 42, at ieast 20 
one for each class of TCP traffsc. Every packet off-sn 
input stream is inspected and identffied at 44 using, for 
example. IP addresses, ports, etc. A controller 46 char- 
acterises the flow (using rate, duration, etc.) -antf 
assigns it a class. The controller refers to a database 25 
and uses oiitput scheduling to allocate feandvvidfh 
among classes. It can implement an admission control 
policy of the present invention for a class before delrv- sr- 
ing an output stream toward downstream nodes or to 
peripherals. In this case it is necessary to work out 30 
whether a packet has been discarded, by locking for a 
second copy of it passing through the Sink. 
[0030] In another embodiment, the admission ccrtrol 
is performed in the router where the discarded packets 
can be inspected directly as tha discard decision ;s ss 
made at the buffer of the router. 
[0031] In this case the history table contains, for each 
active flow (or as many flows as can be handied), the 
following entries: 

[0032] The first entry is a count- of discarded packets 40 
for that flow (Total Packet Discarded). 
[0033] The second entry is a count cf how many times 
the currently recorded packet (that is the currently 
stored sequence number) has been discarded (Same 
Packet Discarded). ^5 
[0034] The third entry is the time that the most recent 
update was made for that flow. After some period of 
inactivity the flow is taken out of the table- 
[0035] This information is used to look -for patterns of 
discard that indicate congestion problems. The total so 
number of discards as a fraction of the total number of 
packets is a measure cf buffer congest ion; 
[0036] Seeing the same packet resent multiple times 
will suggest that the connection is experiencing timeout 
or at least a very high loss rate. 55 
[0037] There will be rrsny variations on wr >at informa- 
tion is stored and what algorithm is usee! c assess 
whether new connections should be enabled. 
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[0038] In another embodiment, if the admission con- 
trol is performed at the router, packets from one or more 
existing connections can be discarded to control con- 
gestion at its buffer. The discarding action can be taken 
together with action of limiting the set-up of new con- 
nections, latter having been described above. 
[0039] Figures 4a and 4b are a flow chart for the case 
where TCP admission control is applied in a router 
rather than in a traffic link. 

[0040] Like the traffic conditioning of the pending 
applications, the admission control can take place at 
various places in the data network and can be biased 
toward certain kinds of TCP traffic. For example, as 
gateways are often a bottleneck and bulk flows can 
decrease response times for interactive users, an 
admission control can be located at a place shown in 
Figure 5 which will alleviate this problem. In Figurs 6, 
traffic conditioners are located at a plurality of IP 
switches which form a data network 60 
[0041 ] In summary, congestion at a network node can 
be aggravated by having too many TCP connections. A 
simple method of avoiding the bad effects of too many 
TCP connections is to limit the number of connections. 
Limiting the number of connections is achieved by an 
admission control which delays or even discards the 
connection set-up packets, TCP traffic flows are moni- 
tored to generate packet loss characteristics and when 
a certain condition is met, a connection request queue 
is disabled. 

Claims 

1 . A method of performing admission control to con- 
nection oriented traffic flows in a packet data net- 
work for multimedia traffic having one or more 
nodes in which network one or more packets are 
discarded to control congestion, the method com- 
prising the steps of; 

monitoring packets of all the traffic flows; 

deriving a packet loss characteristic of the traf- 
fic flows; and 

disabling the serving of a new connection 
request when the packet loss characteristic 
matches a predefined pattern. 

2. The method of performing admission control to traf- 
fic f lows according to claim 1 wherein the connec- 
tion oriented traffic flows are TCP traffic flows and 
the step of deriving a packet loss characteristic 
comprises further steps of ; 

monitoring discarded packets for the TCP traf- 
fic flows; 

generating a history table containing history of 
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the discarded packets for active TCP traffic 
flaws; and 

analysing the history tattle to derive the packet 
loss characteristic. s 

3. The method of performing admission control, 
according to claim 2 wherein the step of generating 
the history table comprising steps of: 

70 

entering a count of discarded packets for an 
active TCP flow, and 

entering a count of how many times the cur- 
rently recorded packet has been discarded. 15 

4. The method of performing admission control to con- 
nection oriented traffic fiows according to claim 1 
wherein the connection -oriented traffic flews are 
TCP traffic flow's and the step of deriving a packet 20 
loss characteristic comprises further steps of; 

monitoring resent packets for TCP traffic flows; 

generating a hbstcry iabl£ containing history of 2s 
the resent packets for active TCP traffic flows; 
and 

analysing the history table to derive the packet 
loss characteristic. 30 

5. The method of performing admission control, 
according to claim 4 wherein the step of generating 
the history table comprises steps of: 

55 

entering a count of resent packets for an active 
TCP traffic f iow, and 

entering a count of how many times the cur- 
rently recorded packet has been resent. 40 

6. The method of performing admission control, 
according to claim 3 or" 5 further comprising steps 
of: 

45 

storing new TCP connection requests in a con- 
nection request queue; and 

clearing all tha. entries of the history table 
whenever the connection request queue is re- so 
enabled. 

7. The method of performing admission control, 
according to claim 3 or 5 further comprising steps 

of: 55 

purging all the entries of the history table peri- 
odically from time to time or after a certain pre- 
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set period of time. 

8. The method of performing admission control, 
according to claim 3 or 4, comprising a further step 
of enabling the serving of a plurality of new connec- 
tion requests at a controlled pace. 

9. A method of performing admission control to TCP ^ 
traffic flows in a packet data network for multimedia 
traffic having one or more nodes in which network 
one or more packets are discarded to centre! con- 
gestion; trie method comprising the steps of; 

storing all TCP connection setup packets in a 
connection request queue; 

monitoring packets of all active TCP traffic 
flows according to their pat numbers and 
sequence numbers; : 

recording the count of either resent or dis- 
carded packets for any TCP traffic flows; 

building a history table containing the history of 
the 'sequence numbers, port numbers, and the 
count of either resent or discarded packets; 

computing a packet loss characteristic using 
the contents of the history table; and 

deciding enabling or disabling trie connection 
request queue based on the packet loss char - 
acteristic with respect to a predefined pattern. 

10. The method of performing admission control to 
TCP traffic flows according to claim 9 wherein the 
step of computing a packet less characteristic com- 
prises step of : 

deriving the tota! number of either resends or 
discards as a fraction of the total number of 
TCP packets of the TCP traffic fiow. 

11. The method of performing sidmission control to 
TCP traffic flows according to claim 10, comprising 
a further step of: 

deciding to disable the connoc&on request 
queua wheri .th© fraction reaches a . preset 
threshold. 

12. The method of performing admission control to 
TCP traffic f tows according to claim 9, comprising a 
further step of : 

enabling thG connection request queue at a 
controlled pace: -: 
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13. A TCP admission control apparatus for controlling 
congestion of a data network comprising: 

a TCP output buffer for buffering and inspecting 
all the TCP packets of an incoming traffic flow; s 

a connection request queue for storing new 
connection requests; 

a history table for storing traffic information with io 
respect to the TCP packets inspected above to 
derive a packet loss characteristic; and 

a queue controller for enabling or disabling the 
connection request queue upon detecting the 75 
matching of the packet loss characteristic with 
a predefined pattern. 

14. The TCP admission control apparatus according to 
claim 13 wherein the history table contains entries 20 
of a count of either resent or discarded packets for 
the traffic flow and the total number of TCP packet 

of the TCP traffic flow. 
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